Announcing Deployments with AWS CodeDeploy

At CircleCI we live and breathe continuous integration and continuous deployment so we were pretty excited when Amazon Web Services (AWS) reached out to us with an early access preview of AWS CodeDeploy.

AWS CodeDeploy is a fully managed, scalable deployment service that lets developers quickly and simply automate the process of deploying and updating applications on Amazon EC2. It enables a lot of deployment workflows on AWS that were previously challenging without a lot of custom tooling, but it’s very simple in scope. AWS CodeDeploy works with servers that you control after you install an agent on them. It makes sure that all of the resources needed by your application make it from Amazon Simple Storage Service (Amazon S3) to your servers, and optionally calls a series of lifecycle scripts that you specify over the course of the deployment. If you use it with CircleCI, we handle bundling your application and getting it to Amazon S3, and we kick off the deployment, creating a smooth continuous delivery workflow.

A new member of the AWS family of deployment services

AWS CodeDeploy joins AWS Elastic Beanstalk, Amazon CloudFormation, and AWS OpsWorks in AWS’s selection of deployment-related services, all of which have their respective benefits for various use cases.

AWS CodeDeploy is similar to Amazon CloudFormation in that it gives you fine-grained control over cloud resources that you provision (you could certainly use the two together). In fact, one of my favorite Amazon CloudFormation features is its ability to automatically manage a rolling update of an AutoScaling Group for you. AWS CodeDeploy provides a much more customizable version of this to extend the capabilities of AWS.

AWS CodeDeploy’s data model on the other hand is kind of like AWS Elastic Beanstalk’s. You can have multiple applications, each of which can have many revisions, and you deploy a given app revision to an environment (or “deployment group” in AWS CodeDeploy parlance). Instead of being very plug-and-play like AWS Elastic Beanstalk though, AWS CodeDeploy helps you apply this abstraction to arbitrary infrastructure.

Like most AWS services, AWS CodeDeploy has a single core responsibility, making it easy to mix with other AWS and non-AWS tools.

What exactly does it actually do?

The main concept that AWS CodeDeploy is built around is the application. An application has different revisions and can be deployed to different deployment groups. An application revision is a bundle of code/resources along with a special AWS CodeDeploy appspec.yml file and optional application lifecycle scripts used to start/stop/validate the installed application. The appspec.yml file contains all the information the agents need to perform the installation. Application revisions are uploaded to Amazon S3 as zip archives or tarballs and then registered with AWS CodeDeploy as a new revision of the application.

AWS CodeDeploy has two major components, there’s the service itself and also an agent that runs on all of your instances that you want to manage with AWS CodeDeploy. During a deployment AWS CodeDeploy instructs your agents to fetch a new application revision and install it. The agents take care of actually performing the install, and running your lifecycle scripts at the right times.

How does AWS CodeDeploy compare to all the other shiny new tools?

AWS CodeDeploy is a somewhat low-level building block that is difficult to compare one-to-one with other deployment and configuration management tools. However, some of its key benefits are:

It’s a first-class AWS service, so it is totally integrated with IAM and other services

Less overhead than “baked” AMIs–you just deploy a zip/tarball (this does mean you need to be careful though about managing the state of your servers through multiple deployments)

Unlike SSH-based deployment tools, your build service (e.g. CircleCI) doesn’t need connect directly to your production servers to run a deployment, allowing more flexibility in how you secure your production environment, structure your network, etc.

The concept of “deployment configurations”, which let you deploy rapidly to staging but very gradually to production, or make any number of other sophisticated deployment rules

Of course there is no one-size-fits-all deployment tool, so you’ll have to consider the strengths of AWS CodeDeploy in the context of your use case.

How does AWS CodeDeploy work with CircleCI

As usual, CircleCI starts by building your application and running all your tests really quickly! If the tests pass, we automatically upload and register new application revisions with AWS CodeDeploy and trigger deployments to your deployment groups. We’ll also watch the deployment and report its status right into the build page[1].

Configuring AWS CodeDeploy is straightforward, as with any of the other AWS services you need to tell us credentials for an IAM user with sufficient permissions to put new application revisions into your Amazon S3 bucket and to call the relevant AWS CodeDeploy functions (our “Continuous Deployment with AWS CodeDeploy” docs have IAM policy snippets).

The next step is to let us know some information about your application: its name, the AWS Region it lives in, and Amazon S3 information including how to construct Amazon S3 keys for new application revisions. Finally you just add a deployment block to your circle.yml telling us which branches to deploy, the application you want to deploy and the deployment group to deploy it to and we’ll take it from there. The configuration on CircleCI looks something like this:

Note in particular that with our integration, the entire process of tarring up your application, transporting it to a versioned Amazon S3 object, and distributing it to your servers is handled by the combination of CircleCI and AWS CodeDeploy.

Synopsis

With AWS CodeDeploy, you worry about writing your code, and let us and AWS worry about testing it and deploying it! If you’d like to learn more, read our complete documentation on the integration, or sign up now to try it out.

[1] Caveat, very long-running deployments (over half an hour) will fail the build and we’ll link you to the AWS CodeDeploy console instead.